Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/SNfghGfTDHAShwWD69WUBo3W1K4.roa
File: SNfghGfTDHAShwWD69WUBo3W1K4.roa (raw, json)
Hash identifier: TU3If+mJwznw8gZbGcQHoKLjcQBrvGUOKnbj4+EYHzc=
Subject key identifier: 48:D7:E0:84:67:D3:0C:70:12:87:05:83:EB:D5:94:06:8D:D6:D4:AE
Certificate issuer: /CN=137f3372df57c814aba8b51a907861d92b9e4f55
Certificate serial: 018571276C46652AFDC3D590C0424AA39F3C
Authority key identifier: 13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/SNfghGfTDHAShwWD69WUBo3W1K4.roa
Signing time: Mon 02 Jan 2023 06:24:47 +0000
ROA not before: Mon 02 Jan 2023 06:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202468
IP address blocks: 5.253.24.0/22 maxlen: 24
5.253.26.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:6c:46:65:2a:fd:c3:d5:90:c0:42:4a:a3:9f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f3372df57c814aba8b51a907861d92b9e4f55
Validity
Not Before: Jan 2 06:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48d7e08467d30c7012870583ebd594068dd6d4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c7:e8:30:8a:c7:91:07:19:eb:ab:90:a5:27:
c3:ef:ab:b5:a1:57:23:f0:75:89:9f:e6:47:ba:21:
14:aa:7c:ef:f0:8e:f5:08:a1:42:57:e1:0a:f0:d5:
85:a1:b6:8c:6e:ec:48:49:26:d2:f0:0c:68:d9:1f:
48:72:94:5b:26:e3:92:33:c1:55:7c:99:e0:69:99:
6d:ec:f4:4f:a0:47:29:fe:f0:87:75:e8:f5:09:e7:
2b:20:a4:31:6e:4a:c8:e3:78:33:29:98:80:1a:b6:
2d:19:58:8d:25:90:02:7b:0f:41:f0:72:91:6f:39:
ad:2c:88:2e:13:c0:a5:33:4b:7d:52:3e:f4:fd:22:
f3:d9:1b:f7:a3:1e:8a:ad:35:23:93:66:fe:b3:ad:
e3:d7:86:08:e6:47:e9:38:c1:45:fa:b4:d8:ab:d6:
54:2c:a5:f1:c3:a0:da:78:3e:5f:5b:ab:f5:1f:2e:
e9:0b:53:f6:6b:93:09:17:d9:9b:97:56:9f:5a:e8:
6f:63:03:36:1d:17:bb:54:a8:db:41:be:73:6d:e0:
b8:cd:f0:88:e2:77:f5:25:e5:33:6c:27:7a:e1:f0:
e5:90:ad:71:a7:0c:49:b8:a0:60:53:f6:28:37:25:
32:b4:8d:c9:10:85:e4:59:68:43:22:7e:2c:86:37:
64:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D7:E0:84:67:D3:0C:70:12:87:05:83:EB:D5:94:06:8D:D6:D4:AE
X509v3 Authority Key Identifier:
keyid:13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/SNfghGfTDHAShwWD69WUBo3W1K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.24.0/22
Signature Algorithm: sha256WithRSAEncryption
21:c8:b5:7c:f5:54:ae:6c:9f:46:14:01:5e:fd:01:21:e9:42:
93:68:a6:57:1e:b2:f2:90:14:20:22:7d:c0:98:4b:92:d2:12:
3c:82:f7:2e:97:21:ae:96:50:35:15:11:b8:5b:af:44:d5:cd:
50:34:1a:6a:04:01:c9:e7:33:91:5c:63:f9:0b:ed:a7:eb:f3:
94:6d:36:a6:73:86:cc:f3:fc:10:13:ad:95:70:2f:94:85:8b:
f7:68:cc:38:cd:cd:bc:02:01:eb:58:c2:83:8a:fe:12:52:1c:
e9:ba:1f:d2:14:38:7b:35:87:8b:d0:eb:92:26:56:e8:6d:7a:
a2:a5:f8:81:6a:6d:a8:fb:52:b5:a2:09:6d:9a:72:13:f2:c2:
ae:e1:a3:ba:73:53:01:30:11:f1:2c:71:72:5e:41:ee:ee:0c:
8e:bd:dc:bb:34:ed:ef:69:73:a0:20:9e:16:9a:e6:3f:37:90:
07:01:72:58:f9:4c:6a:d2:ff:87:25:7e:74:7c:d7:c5:9e:cf:
eb:88:e6:46:a9:05:a2:62:51:0f:2c:06:43:9c:34:30:bb:d1:
e7:a5:c8:45:60:11:9b:fa:f2:5e:e1:fd:5a:9d:22:fa:6c:a2:
90:42:62:b5:3b:69:d5:5f:21:e4:51:76:70:ca:ba:6f:74:e0:
c5:6b:e1:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ2xGZSr9w9WQwEJKo588MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzN2YzMzcyZGY1N2M4MTRhYmE4YjUxYTkwNzg2MWQ5MmI5
ZTRmNTUwHhcNMjMwMTAyMDYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQ3ZTA4NDY3ZDMwYzcwMTI4NzA1ODNlYmQ1OTQwNjhkZDZkNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8foMIrHkQcZ66uQpSfD76u1oVcj
8HWJn+ZHuiEUqnzv8I71CKFCV+EK8NWFobaMbuxISSbS8Axo2R9IcpRbJuOSM8FV
fJngaZlt7PRPoEcp/vCHdej1CecrIKQxbkrI43gzKZiAGrYtGViNJZACew9B8HKR
bzmtLIguE8ClM0t9Uj70/SLz2Rv3ox6KrTUjk2b+s63j14YI5kfpOMFF+rTYq9ZU
LKXxw6DaeD5fW6v1Hy7pC1P2a5MJF9mbl1afWuhvYwM2HRe7VKjbQb5zbeC4zfCI
4nf1JeUzbCd64fDlkK1xpwxJuKBgU/YoNyUytI3JEIXkWWhDIn4shjdkgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEjX4IRn0wxwEocFg+vVlAaN1tSuMB8GA1UdIwQY
MBaAFBN/M3LfV8gUq6i1GpB4Ydkrnk9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMt
YTIyNGZlZmFjMjE4LzEvU05mZ2hHZlRESEFTaHdXRDY5V1VCbzNXMUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMtYTIyNGZlZmFjMjE4
LzEvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0YMA0G
CSqGSIb3DQEBCwUAA4IBAQAhyLV89VSubJ9GFAFe/QEh6UKTaKZXHrLykBQgIn3A
mEuS0hI8gvculyGullA1FRG4W69E1c1QNBpqBAHJ5zORXGP5C+2n6/OUbTamc4bM
8/wQE62VcC+UhYv3aMw4zc28AgHrWMKDiv4SUhzpuh/SFDh7NYeL0OuSJlbobXqi
pfiBam2o+1K1ogltmnIT8sKu4aO6c1MBMBHxLHFyXkHu7gyOvdy7NO3vaXOgIJ4W
muY/N5AHAXJY+Uxq0v+HJX50fNfFns/riOZGqQWiYlEPLAZDnDQwu9HnpchFYBGb
+vJe4f1anSL6bKKQQmK1O2nVXyHkUXZwyrpvdODFa+Fw
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:42 2024 by rpki-client on console-fra.rpki-client.org